Infrastructure and Network Security Policy
- Amazon Web Services
- Our web application and data (i.e. data from the will-writing process) are hosted within AWS, in UK datacentres. So AWS policies and processes are our policies and processes for our physical and network security standards.
- Our web application
- Our software has been developed in accordance with the OWASP Top 10 guidelines (for security of web applications) and is subject to periodic penetration testing. For further information on security, please contact us via [email protected].
- For information of how we deal with data gathered via the web application and the online will interview, see our Processor Terms.
- Intercom and other third-party applications
- We have integrated Intercom into our application. It enables targeted communication with our users through a range of online media. It is at the heart of the customer support that our users rave about. We use two-factor authentication for access of our staff to Intercom.
- All data sent to Intercom is encrypted in transit. The API and application endpoints are TLS/SSL only and score an "A+" rating on SSL Labs' tests - meaning that Intercom only uses strong cipher suites and has features such as HSTS and Perfect Forward Secrecy fully enabled.